WASHINGTON ― The Internal Revenue Service and its Security Summit partners cautioned taxpayers today to avoid identity theft by watching for phishing scams that can increase around the tax season. The IRS, state tax agencies and the tax industry - all partners in the fight against identity theft- reminded taxpayers that the easiest way for an identity thief to steal taxpayer information is by simply asking for it. As a result, each day people fall victim to phishing scams through emails, texts, or phone and mistakenly turn over important data. In turn, cybercriminals try to use that data to file fraudulent tax returns or commit other crimes.

This is the second reminder to taxpayers during the "National Tax Security Awareness Week." This week, the IRS, states and the tax community are sharing information to taxpayers and tax professionals as a part of the ongoing Security Summit effort to combat refund fraud and identity theft.

Surge in Email, Phishing and Malware Schemes

The IRS saw an approximate 400 percent surge in phishing and malware incidents during the 2016 tax season.

Scam emails are designed to trick taxpayers into thinking these are official communications from the IRS or others in the tax industry, including tax software companies. These phishing schemes can ask taxpayers about a wide range of topics. Emails can seek information related to tax refunds, filing status, confirming personal information, ordering transcripts, verifying PIN information and asking people to verify their tax software account.

Variations of these scams can be seen via text messages, and the misleading communications can be seen in every section of the country.

When people click on these email links, they are taken to sites designed to imitate an official-looking website, such as IRS.gov. The sites ask for Social Security numbers and other personal information, which could be used to help file false tax returns. The sites also may carry malware, which can infect people's computers and allow criminals to access your files or track your keystrokes to gain information.

IR-2016-15, Phishing Remains on the IRS "Dirty Dozen" List of Tax Scams for the 2016 Filing Season

As part of the "Taxes. Security. Together." campaign aimed at encouraging taxpayers to take stronger measures to protect their financial and tax data, the IRS and its Security Summit partners urged people not to give out personal information based on an unsolicited email request.

The campaign calls for taxpayers take the time to examine, identify and avoid emails that:

Contain a link. Scammers often pose as the IRS, financial institutions, credit card companies or even tax companies or software providers. These scams may claim they need the recipient to update their account or request they change a password. The email offers a link to a spoofing site that may look similar to the legitimate official website. Taxpayers should follow a simple rule: Don't click on the link. If in doubt, they should go directly to the legitimate website to access the account.

Contain an attachment. Another option for scammers is to include an attachment to the email. This attachment may be infected with malware that can download malicious software onto the recipient's computer without their knowledge. If it is spyware, it can track the recipient's keystrokes to obtain information about their passwords, Social Security number, credit cards or other sensitive data. Remember, taxpayers shouldn't open attachments from unknown sources.

Are from a "government" agency or "financial institution." Scammers attempt to frighten people into opening email links by posing as government agencies, financial institutions and even tax companies. Thieves often try to imitate the official organizations, especially tax-related ones during the filing season.

Are from a "friend." Scammers also hack email accounts and try to leverage the stolen email addresses. Recipients may receive an email from a "friend" that just does not seem right. It may be missing a subject for the subject line or contain odd requests or language as the underlying content. If the email seems "odd," taxpayers should avoid clicking on any links or opening attachments.

Contain a false "lookalike" URL. The sending email may try to trick the recipient with the URL or web address. For example, instead of www.IRS.gov, it may be a false lookalike such as www.irs.gov.maliciousname.com. To verify the authenticity, a recipient can place their cursor over the text to view a pop-up of the real URL.

Learning to recognize and avoid phishing emails - and sharing that knowledge with family members - is critical to combating identity theft and data loss.

Additional steps that can help taxpayers protect their personal and financial data are available on the "Taxes. Security. Together." page as well as in Publication 4524, Security Awareness for Taxpayers. Also, taxpayers help spread the word on this week's messages using the hashtag #TaxSecurity in social media platforms.

February 2018

S

M

T

W

T

F

S

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

Upcoming Tax Dates

February 10 — Social security, Medicare, and withheld income tax
File Form 941 for the fourth quarter of 2017. This due date applies only if you deposited the tax for the quarter timely, properly, and in full.

February 10 — Certain small employers
File Form 944 to report social security and Medicare taxes and withheld income tax for 2017. This due date applies only if you deposited the tax for the year timely, properly, and in full.

February 10 — Farm employers
File Form 943 to report social security and Medicare taxes and withheld income tax for 2017. This due date applies only if you deposited the tax for the year timely, properly, and in full.

February 10 — Federal unemployment tax
File Form 940 for 2017. This due date applies only if you deposited the tax for the year timely, properly, and in full.

February 10 — Employees who work for tips
If you received $20 or more in tips during January, report them to your employer
Details

February 15 — All businesses
Give annual information statements to recipients of certain payments you made during 2017
Details

February 15 — Social security, Medicare, and withheld income tax
If the monthly deposit rule applies, deposit the tax for payments in January.

February 15 — All employers
Begin withholding income tax from the pay of any employee who claimed exemption from withholding in 2017, but did not give you Form W4 to continue the exemption this year.

February 15 — Individuals
If you claimed exemption from income tax withholding last year on the Form W-4, you must file a new Form W-04 by this date to continue your exemption for another year
Details

February 28 — All businesses
File information returns (for example, Forms 1099) for certain payments you made during 2017.

February 28 — Payers of gambling winnings.
File Form 1096 along with Copy A of all the Forms W2G you issued for 2017. If you file Forms W2G electronically, your due date for filing them with the IRS will be extended to 03-31. The due date for giving the recipient these forms remains 01-31.

February 28 — All employers
File Form W3, Transmittal of Wage and Tax Statements, along with Copy A of all the Forms W2 you issued for 2017. If you file Forms W2 electronically, your due date for filing them with the SSA will be extended to 03-31. The due date for giving the recipient these forms remains 01-31.

February 28 — Large food and beverage establishment employers
File Form 8027, Employer's Annual Information Return of Tip Income and Allocated Tips. Use Form 8027T, Transmittal of Employer's Annual Information Return of Tip Income and Allocated Tips, to summarize and transmit Forms 8027 if you have more than one establishment. If you file Forms 8027 electronically, your due date for filing them with the IRS will be extended to 03-31.